KurtD (Beginner)
22 May 2009 - 16:03 (9 comments and 1 solution)

avgrsx.exe... many page faults or something else..

Hi,

I'm trying to optimize my PC; I think it is slow.

In my Task Manager, avgrsx.exe shows a great many page faults, well over double the next one on the list. Why, and can anything be done about it??

I'm attaching a HijackThis log in case there is anything else that could be causing the slowness.

Thanks in advance for the help.
Kurt D

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:56:13, on 22-05-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Opera\opera.exe
C:\Hij\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.degn-online.dk/portal.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=202.75.39.98
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download alle med FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download med FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15031/CTSUEng.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1819853F-A3CA-4BC4-AD65-EC29D7448494} - http://centrebet.com/external/cust_static/activex/centrebetpokerlauncher.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1240912674387&h=2c559f19f0ca2cb90cd0e13962d38036/&filename=jinstall-6u13-windows-i586-jc.cab
O16 - DPF: {99D090A6-EA84-466E-8F21-834B36F57E77} (PeerFactor_DL Control) - http://peerfactor.fr/PeerFactor_DL.cab
O16 - DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} (Util Class) - https://danid.dk/csp/authenticode/csp.exe
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15106/CTPID.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: 
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 10728 bytes
f-arn (Guru)
22 May 2009 - 16:20 #1
Did you set this up yourself:
ProxyServer = http=202.75.39.98

Please try running this:
Download "Malwarebytes' Anti-Malware" here: http://www.besttechie.net/tools/mbam-setup.exe
Install and start the program, update it, and run a "full system scan" under the "Scanner" tab.
Afterwards click "Show results", press "Remove selected" and post the log here together with a log from DDS, which you can find here: http://download.bleepingcomputer.com/sUBs/dds.scr

or here: http://www.forospyware.com/sUBs/dds

It produces two logs (DDS.txt and Attach.txt); save them to the desktop and copy the contents of DDS.txt in here.
KurtD (Beginner)
23 May 2009 - 00:45 #2
Thanks for the quick reply. I ran Ad-Aware less than a week ago, but that sure says something about how bad that program is
:(

Well, here come the two logs; I hope you can see something, because it doesn't look too good.

Malwarebytes' Anti-Malware 1.36
Database version: 2167
Windows 5.1.2600 Service Pack 3

23-05-2009 00:31:21
mbam-log-2009-05-23 (00-31-21).txt

Skan type: Fuldstændig skanning (C:\|E:\|F:\|)
Objekter skannet: 242935
Tid tilbagelagt: 54 minute(s), 46 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 1
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 5
Inficerede Mapper: 0
Inficerede Filer: 9

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_CURRENT_USER\SOFTWARE\videosoft (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
C:\Poker\Centrebet Poker\_SetupPoker[1].exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Poker\Centrebet Poker\__SetupPoker[1].exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\CheckForNewInstall.EXE (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\CheckForOldInstall.EXE (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\FixTalkTIRegistry.EXE (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\RunMSIEXEC.EXE (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\SetTrademark.EXE (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\ParseUninstallPath.EXE (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\parseuninstallpath1.EXE (Adware.BHO) -> Quarantined and deleted successfully.

-------------------


DDS (Ver_09-05-14.01) - NTFSx86 
Run by Kurt at  0:38:23,05 on 23-05-2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1033.18.2047.1492 [GMT 2:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)  {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wuauclt.exe
C:\Hij\dds.pif

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.dk/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=202.75.39.98
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar3.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll
TB: FlashGet: {e0e899ab-f487-11d5-8d29-0050ba6940e3} - c:\program files\flashget\fgiebar.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {968631B6-4729-440D-9BF4-251F5593EC9A} - No File
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [ASUSGamerOSD] c:\program files\asus\gamerosd\GamerOSD.exe
mRun: [SMSystemAnalyzer] "c:\program files\iolo\system mechanic 7\SMSystemAnalyzer.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: &Download alle med FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download med FlashGet - c:\program files\flashget\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Open Picture in &Microsoft PhotoDraw - c:\progra~1\micros~2\office\1033\phdintl.dll/phdContext.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
DPF: {00000161-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/msaud.cab
DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} - hxxp://downol.dr.dk/download/netradio/Rawflow.cab
DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - hxxp://www.creative.com/softwareupdate/su/ocx/15031/CTSUEng.cab
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/common/asusTek_sys_ctrl.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
DPF: {1819853F-A3CA-4BC4-AD65-EC29D7448494} - hxxp://centrebet.com/external/cust_static/activex/centrebetpokerlauncher.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1240912674387&h=2c559f19f0ca2cb90cd0e13962d38036/&filename=jinstall-6u13-windows-i586-jc.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {99D090A6-EA84-466E-8F21-834B36F57E77} - hxxp://peerfactor.fr/PeerFactor_DL.cab
DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} - hxxps://danid.dk/csp/authenticode/csp.exe
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} - hxxp://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15106/CTPID.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages =  :\windows\syste

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-11-26 325896]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-11-26 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-11-26 108552]
R1 EIO_XP;EIO_XP;c:\windows\system32\drivers\EIO_XP.sys [2009-4-19 12288]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-11-26 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-11-26 298776]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2009-5-7 566120]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2009-5-7 566120]
R3 Video3D;ASUS Video3D Service;c:\windows\system32\drivers\Video3D32.sys [2009-4-19 10752]
S0 ntcdrdrv;ntcdrdrv;c:\windows\system32\drivers\ntcdrdrv.sys --> c:\windows\system32\drivers\ntcdrdrv.sys [?]
S0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [2006-12-27 77312]
S3 AIDA32Driver;AIDA32Driver;c:\documents and settings\kurt\my documents\downloads\aida32pe_393\aida32.sys [2009-4-22 3584]
S3 CrystalSysInfo;CrystalSysInfo;\??\c:\program files\mediacoder\sysinfo.sys --> c:\program files\mediacoder\SysInfo.sys [?]
S3 LGDDCDevice;LGDDCDevice;c:\program files\lg soft india\fortemanager\bin\I2CDriver.sys [2008-11-26 14336]
S3 LGII2CDevice;LGII2CDevice;c:\program files\lg soft india\fortemanager\bin\PII2CDriver.sys [2008-11-26 13312]
S3 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-1-25 42000]

============== File Associations ===============

JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1

=============== Created Last 30 ================

2009-05-22 23:33    <DIR>    --d-----    c:\docume~1\kurt\applic~1\Malwarebytes
2009-05-22 23:33    15,504    a-------    c:\windows\system32\drivers\mbam.sys
2009-05-22 23:33    38,496    a-------    c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-22 23:33    <DIR>    --d-----    c:\program files\Malwarebytes' Anti-Malware
2009-05-22 23:33    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-05-22 15:55    <DIR>    --d-----    C:\Hij
2009-05-22 12:16    <DIR>    --d-----    c:\documents and settings\kurt\.freemind
2009-05-22 11:17    <DIR>    --d-----    c:\program files\FreeMind
2009-05-07 01:50    428,904    a-------    c:\windows\system32\Incinerator.dll
2009-05-07 01:50    <DIR>    --d-----    c:\program files\iolo
2009-05-07 01:48    <DIR>    --d-----    c:\docume~1\kurt\applic~1\iolo
2009-05-07 01:48    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\iolo
2009-05-06 21:28    <DIR>    --dsh---    c:\documents and settings\kurt\IECompatCache
2009-05-06 21:27    <DIR>    --dsh---    c:\documents and settings\kurt\PrivacIE
2009-05-06 21:26    <DIR>    --dsh---    c:\documents and settings\kurt\IETldCache
2009-05-06 21:24    <DIR>    --d-----    c:\windows\ie8updates
2009-05-06 21:23    105,984    -c------    c:\windows\system32\dllcache\iecompat.dll
2009-05-06 21:22    <DIR>    -cd-h---    c:\windows\ie8
2009-05-06 14:24    <DIR>    --d-----    c:\program files\ASUS
2009-05-06 10:56    386    a-------    c:\windows\system32\ioloBootDefrag.cfg
2009-05-06 10:55    34,304    a-------    c:\windows\system32\iolobtdfg.exe
2009-05-06 10:31    4,608    a--sh---    c:\windows\system32\Thumbs.db
2009-05-06 07:41    155,648    a-------    c:\windows\system32\ssleay32.dll
2009-05-01 14:09    <DIR>    --d-----    c:\program files\Limudo Downloader
2009-04-29 17:47    <DIR>    --d-----    c:\program files\TagScanner
2009-04-29 00:13    244    a---h---    C:\sqmnoopt03.sqm
2009-04-29 00:13    232    a---h---    C:\sqmdata03.sqm
2009-04-29 00:13    244    a---h---    C:\sqmnoopt02.sqm
2009-04-29 00:13    232    a---h---    C:\sqmdata02.sqm
2009-04-29 00:13    244    a---h---    C:\sqmnoopt01.sqm
2009-04-29 00:13    232    a---h---    C:\sqmdata01.sqm
2009-04-29 00:12    244    a---h---    C:\sqmnoopt00.sqm
2009-04-29 00:12    232    a---h---    C:\sqmdata00.sqm
2009-04-28 11:58    <DIR>    --d-----    c:\documents and settings\kurt\Jaikoz
2009-04-28 11:57    <DIR>    --d-----    c:\program files\Jthink
2009-04-28 11:57    410,984    a-------    c:\windows\system32\deploytk.dll
2009-04-28 11:37    <DIR>    --d-----    c:\program files\DSUSS
2009-04-24 09:07    <DIR>    --d-----    c:\program files\Lavasoft
2009-04-24 09:05    <DIR>    --d-----    c:\docume~1\kurt\applic~1\Ashampoo
2009-04-24 09:05    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\ashampoo
2009-04-24 09:05    <DIR>    --d-----    c:\program files\Ashampoo
2009-04-24 08:13    43,520    a-------    c:\windows\system32\CmdLineExt03.dll
2009-04-23 15:22    <DIR>    --d-----    c:\program files\Audacity
2009-04-23 15:11    <DIR>    --d-----    c:\docume~1\kurt\applic~1\FLV Extract
2009-04-23 13:56    <DIR>    --d-----    c:\docume~1\kurt\applic~1\Broad Intelligence

==================== Find3M  ====================

2009-05-06 08:59    11,952    a-------    c:\windows\system32\avgrsstx.dll
2009-05-06 08:59    325,896    a-------    c:\windows\system32\drivers\avgldx86.sys
2009-05-06 08:59    108,552    a-------    c:\windows\system32\drivers\avgtdix.sys
2009-05-04 08:00    0    a-------    c:\documents and settings\kurt\temp.dat
2009-03-08 04:34    914,944    a-------    c:\windows\system32\wininet.dll
2009-03-08 04:34    43,008    a-------    c:\windows\system32\licmgr10.dll
2009-03-08 04:33    18,944    a-------    c:\windows\system32\corpol.dll
2009-03-08 04:33    420,352    a-------    c:\windows\system32\vbscript.dll
2009-03-08 04:32    72,704    a-------    c:\windows\system32\admparse.dll
2009-03-08 04:32    71,680    a-------    c:\windows\system32\iesetup.dll
2009-03-08 04:31    34,816    a-------    c:\windows\system32\imgutil.dll
2009-03-08 04:31    48,128    a-------    c:\windows\system32\mshtmler.dll
2009-03-08 04:31    45,568    a-------    c:\windows\system32\mshta.exe
2009-03-08 04:22    156,160    a-------    c:\windows\system32\msls31.dll
2009-03-06 16:22    284,160    a-------    c:\windows\system32\pdh.dll
2008-02-14 22:30    32    a-------    c:\docume~1\alluse~1\applic~1\ezsid.dat
2001-03-28 12:02    122,880    a-------    c:\windows\inf\agfa\message.exe
2008-02-19 10:52    200    ---shr--    c:\windows\system32\1F2AE5C3FD.sys
2009-02-09 02:54    848    a--sh---    c:\windows\system32\KGyGaAvL.sys
2008-10-10 22:42    32,768    a--sh---    c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008101020081011\index.dat

============= FINISH:  0:38:44,87 ===============
f-arn (Guru)
26 May 2009 - 08:52 #3
Download Combofix and save it to your desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Right-click on the desktop, choose New -> Text Document, copy the contents between the lines into it and save the file as CFScript.txt

Make sure it does not end up being named CFScript.txt.txt


--------------

Killall::

Snapshot::

DDS::
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {968631B6-4729-440D-9BF4-251F5593EC9A} - No File



-------------


Then grab the new file with the mouse and drag it over the Combofix file, then "let go" with the mouse.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Combofix should then start working. It may require a restart, which you must allow. You should not click on the window while the tool is running, as that can cause your computer to freeze.
When Combofix is finished, and after it has (possibly) restarted, a log file should open: combofix.txt, which is located here: C:\ Combofix txt

You are welcome to post the contents of that file here.
f-arn (Guru)
26 May 2009 - 08:54 #4
You didn't answer this:

Did you set this up yourself:
ProxyServer = http=202.75.39.98
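
Added example (not part of any post in this thread, and not code from HijackThis, DDS or ComboFix): a small triage script for the two things f-arn picks out of the logs above, the `ProxyServer` value and the BHO/toolbar registrations marked "No File". The function names and the scope labels are assumptions made for this illustration; the sample lines are copied from the logs posted above.

```python
import ipaddress
import re
from typing import NamedTuple

# Sample lines copied from the HijackThis and DDS logs posted in this thread.
SAMPLE_LOG = r"""R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=202.75.39.98
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
uInternet Settings,ProxyServer = http=202.75.39.98
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dll"""

# Matches the proxy line in both HijackThis ("R1 - HKCU\...") and DDS ("uInternet Settings,...") form.
PROXY_RE = re.compile(r"Internet Settings,ProxyServer\s*=\s*(\S+)", re.I)
# Matches BHO / toolbar registrations whose target file is missing, in both log formats.
ORPHAN_RE = re.compile(
    r"^(?:O\d+ - )?(BHO|Toolbar|TB):.*?(\{[0-9A-Fa-f-]{36}\})\s*-\s*\(?no file\)?$", re.I
)


class Finding(NamedTuple):
    kind: str      # "proxy" or "orphan"
    line_no: int   # 1-based line number in the log
    subject: str   # what was found
    note: str      # why it deserves a question to the user


def parse_proxy_value(value):
    """Split a WinINET ProxyServer value into {scheme: (host, port)}.

    Handles "host:port" (all protocols) and "http=host:port;https=host:port".
    IPv4 addresses and hostnames only; port is None when absent.
    """
    result = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        scheme, sep, target = part.partition("=")
        if not sep:                       # no "scheme=" prefix: applies to all protocols
            scheme, target = "all", part
        target = target.split("://", 1)[-1]
        host, _, port = target.partition(":")
        result[scheme.lower()] = (host, int(port) if port.isdigit() else None)
    return result


def proxy_scope(host):
    """Classify where the proxy lives: loopback, private, public, or hostname."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "hostname"
    if ip.is_loopback:
        return "loopback"
    if ip.is_private:
        return "private"
    return "public"


def review_log(text):
    """Return the findings for a HijackThis or DDS log, in log order."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        m = PROXY_RE.search(line)
        if m:
            for scheme, (host, port) in parse_proxy_value(m.group(1)).items():
                subject = f"{scheme}={host}" + (f":{port}" if port else "")
                findings.append(Finding("proxy", line_no, subject, proxy_scope(host)))
            continue
        m = ORPHAN_RE.match(line)
        if m:
            subject = f"{m.group(1).upper()} {m.group(2).upper()}"
            findings.append(Finding("orphan", line_no, subject, "target file missing"))
    return findings


if __name__ == "__main__":
    for f in review_log(SAMPLE_LOG):
        print(f"line {f.line_no}: {f.kind:6} {f.subject} ({f.note})")
```

A finding is a prompt for the question asked in the thread (did the user configure this?), not a verdict on the entry.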
KurtD (Beginner)
26 May 2009 - 15:37 #5
OK, first I must admit that I'm not happy with a machine that has viruses/adware on it, so I have installed a new antivirus program and installed a firewall. I have also found that 'proxyserver' thing, which apparently reports my browsing history to someone in Malaysia ?? !! and I have removed it manually with regedit.

Here is the log as it looks now; thanks again for your time. PS: my firewall definitely did not like what I just did ;)

ComboFix 09-05-25.09 - Kurt 26-05-2009 15:14.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1033.18.2047.1419 [GMT 2:00]
Kører fra: c:\documents and settings\Kurt\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\Kurt\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090525-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.

(((((((((((((((((((((((((((((  Filer skabt fra 2009-04-26 til 2009-05-26  )))))))))))))))))))))))))))))))))))
.

2009-05-26 10:29 . 2009-05-26 10:29    --------    d-----w    c:\documents and settings\Kurt\Application Data\MatchWare
2009-05-26 10:27 . 2009-05-26 10:27    --------    d-----w    c:\program files\MatchWare
2009-05-25 22:27 . 2009-05-25 22:27    --------    d-----w    c:\documents and settings\Kurt\Application Data\storytron
2009-05-25 21:33 . 2009-05-06 12:23    372736    ----a-w    c:\documents and settings\Kurt\Application Data\Mozilla\Firefox\Profiles\6yigzgw8.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
2009-05-24 21:12 . 2009-05-24 21:12    --------    d-----w    c:\windows\system32\syncdb
2009-05-23 15:27 . 2009-05-23 15:27    --------    d-----w    c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-23 15:26 . 2009-05-23 15:26    --------    d-----w    c:\program files\SUPERAntiSpyware
2009-05-23 15:26 . 2009-05-23 15:26    --------    d-----w    c:\documents and settings\Kurt\Application Data\SUPERAntiSpyware.com
2009-05-23 14:44 . 2009-05-23 14:44    82080    ----a-w    c:\windows\system32\drivers\inspect.sys
2009-05-23 14:44 . 2009-05-23 14:44    24096    ----a-w    c:\windows\system32\drivers\cmdhlp.sys
2009-05-23 14:44 . 2009-05-23 14:44    168208    ----a-w    c:\windows\system32\guard32.dll
2009-05-23 14:44 . 2009-05-23 14:44    132640    ----a-w    c:\windows\system32\drivers\cmdguard.sys
2009-05-23 13:55 . 2009-02-05 20:06    51376    ----a-w    c:\windows\system32\drivers\aswTdi.sys
2009-05-23 13:55 . 2009-02-05 20:06    23152    ----a-w    c:\windows\system32\drivers\aswRdr.sys
2009-05-23 13:55 . 2009-02-05 20:05    26944    ----a-w    c:\windows\system32\drivers\aavmker4.sys
2009-05-23 13:55 . 2009-02-05 20:08    93296    ----a-w    c:\windows\system32\drivers\aswmon.sys
2009-05-23 13:55 . 2009-02-05 20:08    94032    ----a-w    c:\windows\system32\drivers\aswmon2.sys
2009-05-23 13:55 . 2009-02-05 20:07    114768    ----a-w    c:\windows\system32\drivers\aswSP.sys
2009-05-23 13:55 . 2009-02-05 20:07    20560    ----a-w    c:\windows\system32\drivers\aswFsBlk.sys
2009-05-23 13:55 . 2009-02-05 20:04    97480    ----a-w    c:\windows\system32\AvastSS.scr
2009-05-23 13:55 . 2009-02-05 20:11    1256296    ----a-w    c:\windows\system32\aswBoot.exe
2009-05-23 13:55 . 2009-05-23 13:55    --------    d-----w    c:\program files\Alwil Software
2009-05-22 22:50 . 2009-05-22 22:50    --------    d-----w    c:\windows\51E43DA1CAEA42649BB83F47ED57E2A4.TMP
2009-05-22 21:33 . 2009-05-22 21:33    --------    d-----w    c:\documents and settings\Kurt\Application Data\Malwarebytes
2009-05-22 21:33 . 2009-04-06 13:32    15504    ----a-w    c:\windows\system32\drivers\mbam.sys
2009-05-22 21:33 . 2009-04-06 13:32    38496    ----a-w    c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-22 21:33 . 2009-05-22 21:33    --------    d-----w    c:\program files\Malwarebytes' Anti-Malware
2009-05-22 21:33 . 2009-05-22 21:33    --------    d-----w    c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-22 13:55 . 2009-05-24 22:54    --------    d-----w    C:\Hij
2009-05-22 10:16 . 2009-05-24 21:44    --------    d-----w    c:\documents and settings\Kurt\.freemind
2009-05-22 09:17 . 2009-05-22 09:17    --------    d-----w    c:\program files\FreeMind
2009-05-19 23:32 . 2009-05-19 23:32    --------    d-----w    c:\documents and settings\Kurt\Local Settings\Application Data\Opera
2009-05-19 23:32 . 2009-05-25 21:05    --------    d-----w    c:\program files\Opera
2009-05-17 18:55 . 2009-05-17 18:55    1517    ----a-w    c:\documents and settings\Kurt\Application Data\iolo\restore.bat
2009-05-17 18:48 . 2009-05-17 18:48    518    ----a-w    c:\documents and settings\Kurt\Application Data\iolo\Registry\Last\restore.bat
2009-05-06 23:50 . 2009-05-06 23:50    --------    d-----w    c:\documents and settings\LocalService\Application Data\iolo
2009-05-06 23:50 . 2008-05-06 14:36    428904    ----a-w    c:\windows\system32\Incinerator.dll
2009-05-06 23:50 . 2009-05-06 23:50    --------    d-----w    c:\program files\iolo
2009-05-06 23:48 . 2009-05-17 18:48    --------    d-----w    c:\documents and settings\Kurt\Application Data\iolo
2009-05-06 23:48 . 2009-05-06 23:50    --------    d-----w    c:\documents and settings\All Users\Application Data\iolo
2009-05-06 19:28 . 2009-05-06 19:28    --------    d-sh--w    c:\documents and settings\Kurt\IECompatCache
2009-05-06 19:27 . 2009-05-06 19:27    --------    d-sh--w    c:\documents and settings\Kurt\PrivacIE
2009-05-06 19:26 . 2009-05-06 19:26    --------    d-sh--w    c:\documents and settings\NetworkService\IETldCache
2009-05-06 19:26 . 2009-05-06 19:26    --------    d-sh--w    c:\documents and settings\Kurt\IETldCache
2009-05-06 19:24 . 2009-05-06 19:24    --------    d-----w    c:\windows\ie8updates
2009-05-06 19:23 . 2009-02-28 04:55    105984    -c----w    c:\windows\system32\dllcache\iecompat.dll
2009-05-06 19:22 . 2009-05-06 19:23    --------    dc-h--w    c:\windows\ie8
2009-05-06 12:24 . 2009-05-06 12:24    --------    d-----w    c:\program files\ASUS
2009-05-06 08:55 . 2008-03-24 06:53    34304    ----a-w    c:\windows\system32\iolobtdfg.exe
2009-05-06 05:41 . 2006-03-28 07:55    155648    ----a-w    c:\windows\system32\ssleay32.dll
2009-05-01 18:30 . 2009-05-01 18:30    3366912    ----a-w    c:\windows\system32\GPhotos.scr
2009-04-28 09:58 . 2009-04-28 09:58    --------    d-----w    c:\documents and settings\Kurt\Jaikoz
2009-04-28 09:57 . 2009-04-28 09:56    410984    ----a-w    c:\windows\system32\deploytk.dll
2009-04-28 09:56 . 2009-04-28 09:56    152576    ----a-w    c:\documents and settings\Kurt\Application Data\Sun\Java\jre1.6.0_13\lzma.dll

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-26 13:17 . 2007-04-02 15:05    24    ----a-w    c:\windows\system32\DVCStateBkp-{00000000-00000000-0000000C-00001102-00000002-80611102}.dat
2009-05-26 13:17 . 2007-04-02 15:05    24    ----a-w    c:\windows\system32\DVCState-{00000000-00000000-0000000C-00001102-00000002-80611102}.dat
2009-05-25 20:23 . 2008-04-30 23:38    --------    d-----w    c:\program files\Tournament Indicator
2009-05-25 14:38 . 2006-12-30 17:55    --------    d-----w    c:\program files\Mozilla Thunderbird
2009-05-25 09:32 . 2006-12-27 21:44    --------    d-----w    c:\documents and settings\Kurt\Application Data\uTorrent
2009-05-24 21:42 . 2006-12-27 18:25    102152    ----a-w    c:\documents and settings\Kurt\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-24 21:40 . 2008-11-06 13:20    --------    d-----w    c:\program files\FolderSize
2009-05-24 21:15 . 2008-12-15 07:39    --------    d-----w    c:\program files\SmartSound Software
2009-05-24 21:13 . 2007-01-04 21:52    --------    d-----w    c:\program files\Common Files\Adobe
2009-05-24 00:43 . 2007-05-02 22:45    --------    d-----w    c:\documents and settings\All Users\Application Data\FLEXnet
2009-05-24 00:37 . 2009-04-19 16:04    --------    d--h--w    c:\program files\InstallShield Installation Information
2009-05-23 15:26 . 2007-04-12 20:18    --------    d-----w    c:\program files\Common Files\Wise Installation Wizard
2009-05-23 15:19 . 2009-04-01 05:57    --------    d-----w    c:\documents and settings\All Users\Application Data\comodo
2009-05-23 14:44 . 2009-04-01 05:57    --------    d-----w    c:\program files\COMODO
2009-05-23 13:51 . 2008-11-26 15:29    --------    d-----w    c:\documents and settings\All Users\Application Data\avg8
2009-05-22 22:54 . 2009-01-12 19:01    --------    d-----w    c:\program files\IObit
2009-05-22 22:49 . 2009-03-08 11:16    --------    d-----w    c:\program files\Gentibus CD
2009-05-19 23:03 . 2008-03-01 00:23    --------    d-----w    c:\program files\Replay AV 8
2009-05-19 22:46 . 2009-04-09 17:39    --------    d-----w    c:\program files\GRETECH
2009-05-07 15:42 . 2007-10-21 12:30    --------    d-----w    c:\documents and settings\Kurt\Application Data\EssentialPIM
2009-05-06 06:55 . 2009-04-01 05:57    --------    d-----w    c:\documents and settings\Kurt\Application Data\Comodo
2009-05-06 06:22 . 2007-09-04 11:42    --------    d-----w    c:\documents and settings\All Users\Application Data\Lavasoft
2009-05-04 23:04 . 2007-01-17 22:00    --------    d-----w    c:\program files\Common Files\Blizzard Entertainment
2009-05-04 06:00 . 2008-12-25 12:14    0    ----a-w    c:\documents and settings\Kurt\temp.dat
2009-04-28 09:56 . 2007-01-20 15:45    --------    d-----w    c:\program files\Java
2009-04-24 07:05 . 2009-04-24 07:05    --------    d-----w    c:\documents and settings\Kurt\Application Data\Ashampoo
2009-04-24 07:05 . 2009-04-24 07:05    --------    d-----w    c:\documents and settings\All Users\Application Data\ashampoo
2009-04-24 07:05 . 2009-04-24 07:05    --------    d-----w    c:\program files\Ashampoo
2009-04-24 06:20 . 2009-02-01 18:22    --------    d-----w    c:\documents and settings\Kurt\Application Data\DVD Flick
2009-04-24 06:20 . 2008-09-25 16:23    --------    d-----w    c:\documents and settings\Kurt\Application Data\Any Video Converter Professional
2009-04-24 06:13 . 2009-04-24 06:13    43520    ----a-w    c:\windows\system32\CmdLineExt03.dll
2009-04-24 05:53 . 2007-11-15 11:51    --------    d-----w    c:\documents and settings\All Users\Application Data\Nero
2009-04-24 05:53 . 2007-01-12 21:24    --------    d-----w    c:\program files\Common Files\Ahead
2009-04-24 05:50 . 2008-10-01 15:17    --------    d-----w    c:\program files\Common Files\Macromedia
2009-04-23 13:12 . 2009-04-23 13:11    --------    d-----w    c:\documents and settings\Kurt\Application Data\FLV Extract
2009-04-23 11:56 . 2009-04-23 11:56    --------    d-----w    c:\documents and settings\Kurt\Application Data\Broad Intelligence
2009-04-22 19:01 . 2009-04-22 19:01    --------    d-----w    c:\documents and settings\LocalService\Application Data\DivX
2009-04-20 23:41 . 2007-01-18 20:14    --------    d-----w    c:\documents and settings\Kurt\Application Data\Skype
2009-04-20 22:17 . 2008-02-14 20:30    --------    d-----w    c:\documents and settings\Kurt\Application Data\skypePM
2009-04-19 16:10 . 2009-04-19 16:10    --------    d-----w    c:\documents and settings\All Users\Application Data\ATI
2009-04-19 16:07 . 2008-02-03 21:40    --------    d-----w    c:\program files\ATI Technologies
2009-04-18 15:01 . 2009-04-18 15:01    --------    d-----w    c:\program files\Common Files\Logitech
2009-04-01 06:45 . 2009-04-01 06:45    --------    d-----w    c:\documents and settings\Administrator\Application Data\Windows Desktop Search
2009-04-01 06:45 . 2009-04-01 06:45    --------    d-----w    c:\documents and settings\Administrator\Application Data\Comodo
2009-03-27 23:05 . 2007-06-24 10:31    --------    d-----w    c:\program files\WinTV
2009-03-12 20:18 . 2009-03-12 20:18    75048    ----a-w    c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\SetupAdmin.exe
2009-03-10 00:04 . 2009-03-10 00:04    56    ---ha-w    c:\windows\system32\ezsidmv.dat
2009-03-08 02:34 . 2006-03-15 12:00    914944    ----a-w    c:\windows\system32\wininet.dll
2009-03-08 02:34 . 2006-03-15 12:00    43008    ----a-w    c:\windows\system32\licmgr10.dll
2009-03-08 02:33 . 2008-10-10 06:01    18944    ----a-w    c:\windows\system32\corpol.dll
2009-03-08 02:33 . 2008-10-10 06:01    420352    ----a-w    c:\windows\system32\vbscript.dll
2009-03-08 02:32 . 2006-03-15 12:00    72704    ----a-w    c:\windows\system32\admparse.dll
2009-03-08 02:32 . 2006-03-15 12:00    71680    ----a-w    c:\windows\system32\iesetup.dll
2009-03-08 02:31 . 2006-03-15 12:00    34816    ----a-w    c:\windows\system32\imgutil.dll
2009-03-08 02:31 . 2006-03-15 12:00    48128    ----a-w    c:\windows\system32\mshtmler.dll
2009-03-08 02:31 . 2006-03-15 12:00    45568    ----a-w    c:\windows\system32\mshta.exe
2009-03-08 02:22 . 2006-03-15 12:00    156160    ----a-w    c:\windows\system32\msls31.dll
2009-03-06 14:22 . 2008-10-10 06:01    284160    ----a-w    c:\windows\system32\pdh.dll
2008-02-28 22:44 . 2008-02-28 22:44    259    ----a-w    c:\program files\internet explorer\plugins\IEImageRR.dll
2008-02-19 08:52 . 2006-12-29 01:03    200    --sh--r    c:\windows\system32\1F2AE5C3FD.sys
2009-02-09 00:54 . 2008-02-29 08:48    848    --sha-w    c:\windows\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2008-08-29 380928]
"SMSystemAnalyzer"="c:\program files\iolo\System Mechanic 7\SMSystemAnalyzer.exe" [2008-05-06 764776]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-05-23 1794320]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-02-29 76304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
"NoAutoUpdate"= 1

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 10:41    294912    ----a-w    c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 00:42    72208    ----a-w    c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ      "œOo "\0autocheck smrgdf c:\documents and settings\Kurt\Application Data\iolo\

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Tournament Indicator\\Indicator.exe"=

R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [27-12-2006 20:40 77312]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [23-05-2009 15:55 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [23-05-2009 16:44 132640]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [23-05-2009 16:44 24096]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [29-02-2008 16:03 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29-02-2008 16:03 51440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23-05-2009 15:55 20560]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [07-05-2009 01:50 566120]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [07-05-2009 01:50 566120]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16-02-2006 16:51 4096]
S0 ntcdrdrv;ntcdrdrv;c:\windows\system32\DRIVERS\ntcdrdrv.sys --> c:\windows\system32\DRIVERS\ntcdrdrv.sys [?]
S3 AIDA32Driver;AIDA32Driver;c:\documents and settings\Kurt\My Documents\Downloads\aida32pe_393\aida32.sys [22-04-2009 10:11 3584]
S3 CrystalSysInfo;CrystalSysInfo;\??\c:\program files\MediaCoder\SysInfo.sys --> c:\program files\MediaCoder\SysInfo.sys [?]
S3 LGDDCDevice;LGDDCDevice;c:\program files\LG Soft India\forteManager\bin\I2CDriver.sys [26-11-2008 16:59 14336]
S3 LGII2CDevice;LGII2CDevice;c:\program files\LG Soft India\forteManager\bin\PII2CDriver.sys [26-11-2008 16:59 13312]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25-01-2007 19:31 42000]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Indhold af mappen 'Planlagte Opgaver'

2009-05-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-05-26 c:\windows\Tasks\User_Feed_Synchronization-{1D99B3D0-3EB4-40BA-8A02-7400231BA0CA}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
- - - - TOMME GENVEJE FJERNET - - - -

SafeBoot-procexp90.Sys


.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uInternet Settings,ProxyOverride = *.local
IE: &Download alle med FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download med FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Open Picture in &Microsoft PhotoDraw - c:\progra~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {1819853F-A3CA-4BC4-AD65-EC29D7448494} - hxxp://centrebet.com/external/cust_static/activex/centrebetpokerlauncher.cab
DPF: {99D090A6-EA84-466E-8F21-834B36F57E77} - hxxp://peerfactor.fr/PeerFactor_DL.cab
DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} - hxxps://danid.dk/csp/authenticode/csp.exe
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} - hxxp://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab
FF - ProfilePath - c:\documents and settings\Kurt\Application Data\Mozilla\Firefox\Profiles\6yigzgw8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.degn-online.dk/portal.htm
FF - prefs.js: keyword.URL - hxxp://search.copernic.com/query21/?c=web&l=ENG&e=CDS2&cpn=&b=300000081&sctx=ffaddrbar&q=
FF - component: c:\documents and settings\Kurt\Application Data\Mozilla\Firefox\Profiles\6yigzgw8.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-26 15:21
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_USERS\S-1-5-21-789336058-616249376-682003330-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:dc,c9,37,06,fd,db,46,80,50,0c,42,78,f6,08,74,04,ac,c2,e0,d9,cc,5a,ad,
  f0,a0,e6,c5,6e,e4,63,4d,15,a3,98,1d,da,b5,2b,de,41,6c,3f,08,74,49,d9,50,df,\
"??"=hex:8f,c0,43,a8,1e,79,22,2a,7b,fe,00,8e,99,06,05,67
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(888)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll

- - - - - - - > 'lsass.exe'(948)
c:\windows\system32\guard32.dll

- - - - - - - > 'explorer.exe'(240)
c:\windows\system32\guard32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\ATKKBService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\windows\ehome\ehSched.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\dllhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Gennemført tid: 2009-05-26 15:24 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-05-26 13:24

Pre-Kørsel: 11.197.427.712 bytes free
Post-Kørsel: 11.163.938.816 byte ledig

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
280    --- E O F ---    2009-05-13 14:03
26 May 2009 - 17:04 #6
Psssst - what do you use this one for ->
"c:\Program Files\uTorrent\uTorrent.exe"

http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=40284
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=47308
KurtD (Beginner)
26 May 2009 - 17:54 #7
OK, unfortunately I had not read those two threads; I can see that it will be hard to get help in here then. Sorry for the inconvenience.
f-arn (Guru)
26 May 2009 - 18:15 #8
Download and install CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm
During installation you will be offered [Yahoo Toolbar]. You should say no to it.
Let the program perform a cleanup. (Especially of the registry)

  http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763

How is the PC running now?
KurtD (Beginner)
26 May 2009 - 22:10 #9
Yep, it looks like it is running now, thanks for the help. How do I give you points? I don't seem to be able to click on anything...
f-arn (Guru)
27 May 2009 - 07:53 #10
Playing with file sharing is dangerous; karise_larry is right about that, since you never know what 'goodies' are hiding in what you download.